﻿using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;

using System.Data.SqlClient;
using System.Web.Configuration;
using System.Security.Cryptography;
using System.Text;

namespace Baocao
{
	public partial class Login : System.Web.UI.Page
	{
		private SqlConnection appProxy = new SqlConnection(WebConfigurationManager.ConnectionStrings["appconn"].ConnectionString);

		protected void Page_Load(object sender, EventArgs e)
		{
			appProxy.Open();
			Session["appProxy"] = appProxy;

			Session["SoftwareName"] = "HiVi Report online";
			Session["bpkd"] = "HIVI";
		}

		protected void cLogin_Authenticate(object sender, AuthenticateEventArgs e)
		{
			//if (CheckLogin(cLogin.UserName, Encrypt(cLogin.Password, cLogin.UserName)) == true)
			if (CheckLogin(cLogin.UserName, cLogin.Password) == true)
			{
				DataSet ds = new DataSet();
				hg3.hg3.sql.SQLRetrieve(appProxy, "EXEC [get_DatabaseConnection] '" + cLogin.UserName + "'", "sConn", ref ds);
				SqlConnection appConn = new SqlConnection(ds.Tables["sConn"].Rows[0]["ConnectionString"].ToString());
				appConn.Open();
				Session["appConn"] = appConn;

				FormsAuthentication.RedirectFromLoginPage(cLogin.UserName.ToUpper(), cLogin.RememberMeSet);
				e.Authenticated = true;
			}
			else
				e.Authenticated = false;
		}

		private bool CheckLogin(string userid, string pass)
		{
			try
			{
				DataSet ds = new DataSet();
				hg3.hg3.sql.SQLRetrieve(appProxy, "SELECT * FROM userinfo WHERE UPPER(UserID) = '" + userid.ToUpper() + "' AND UPPER(Password) = '" + pass.ToUpper() + "'", "tbluserinfo", ref ds);
				if ((ds.Tables["tbluserinfo"].Rows.Count < 1))
				{
					return false;
				}
				Session["UserInfo"] = ds.Tables["tbluserinfo"];
				return true;
			}
			catch (Exception ex)
			{
				return false;
			}
		}

		private string Encrypt(string sEncrypt, string sKey)
		{
			try
			{
				byte[] arrKey = null;
				byte[] arrEncrypt = UTF8Encoding.UTF8.GetBytes(sEncrypt);
				MD5CryptoServiceProvider obj_Md5_Service = new MD5CryptoServiceProvider();
				arrKey = obj_Md5_Service.ComputeHash(UTF8Encoding.UTF8.GetBytes(sKey));
				TripleDESCryptoServiceProvider TdCP = new TripleDESCryptoServiceProvider();
				TdCP.Key = arrKey;
				TdCP.Mode = CipherMode.ECB;
				TdCP.Padding = PaddingMode.PKCS7;
				ICryptoTransform cTransform = TdCP.CreateEncryptor();
				byte[] arrResult = cTransform.TransformFinalBlock(arrEncrypt, 0, arrEncrypt.Length);
				return Convert.ToBase64String(arrResult, 0, arrResult.Length);
			}
			catch (System.Security.Cryptography.CryptographicException ex)
			{
				throw (new System.Exception(ex.Message, ex.InnerException));
			}
		}

		private string Decrypt(string sDecrypt, string sKey)
		{
			try
			{
				byte[] arrKey = null;
				byte[] arrEncrypt = Convert.FromBase64String(sDecrypt);
				MD5CryptoServiceProvider obj_Md5_Service = new MD5CryptoServiceProvider();
				arrKey = obj_Md5_Service.ComputeHash(UTF8Encoding.UTF8.GetBytes(sKey));
				TripleDESCryptoServiceProvider TdCP = new TripleDESCryptoServiceProvider();
				TdCP.Key = arrKey;
				TdCP.Mode = CipherMode.ECB;
				TdCP.Padding = PaddingMode.PKCS7;
				ICryptoTransform cTransform = TdCP.CreateDecryptor();
				byte[] arrResult = cTransform.TransformFinalBlock(arrEncrypt, 0, arrEncrypt.Length);
				return UTF8Encoding.UTF8.GetString(arrResult);
			}
			catch (System.Security.Cryptography.CryptographicException ex)
			{
				throw (new System.Exception(ex.Message, ex.InnerException));
			}
		}
	}
}
